Topic: vendor response

  • CISA: Hackers Actively Exploiting WatchGuard Firewall Flaw

    A critical security flaw (CVE-2025-9242) in WatchGuard Firebox firewalls is being actively exploited, prompting CISA to issue an urgent patch directive to federal agencies. The vulnerability stems from an out-of-bounds write weakness in Fireware OS, affecting over 54,000 devices globally, with fe...

  • Patched FortiGate Firewalls Still Vulnerable to CVE-2025-59718

    A critical Fortinet firewall vulnerability (CVE-2025-59718) remains actively exploitable even on systems with official patches, allowing attackers to bypass authentication and take over networks. Security researchers have confirmed ongoing exploitation where attackers use malicious SSO logins to ...

  • Google Ignores Critical Gemini ASCII Attack

    A newly discovered ASCII smuggling vulnerability in Google's Gemini AI allows attackers to use invisible Unicode characters to manipulate the system, potentially spreading false information or accessing unauthorized data. This security flaw affects multiple AI platforms including Google Gemini, D...

  • Copilot Prompt Injection: Flaws or AI Limits?

    A security engineer's findings on Microsoft Copilot, which Microsoft dismissed as not meeting vulnerability criteria, highlight a growing divide between vendors and independent researchers on assessing risks in generative AI platforms. The disclosed techniques, including prompt injection leading ...

  • Major Password Managers Have Design Flaws Enabling Vault Attacks

    A security analysis reveals significant design vulnerabilities in major cloud-based password managers (Bitwarden, LastPass, Dashlane, 1Password), challenging their "zero-knowledge" encryption claims and potentially allowing full vault compromise. The vulnerabilities stem from common architectural...

  • Fortinet Critical Auth Bypass Flaw Remains Unpatched

    A critical Fortinet SSO vulnerability (CVE-2025-59718) is being actively exploited via a bypass of the initial patch, allowing attackers to create unauthorized VPN accounts and steal configurations on fully updated devices. Fortinet has confirmed the attacks and is developing a new patch, while u...

  • Ivanti EPMM "sleeper" webshells pose hidden threat

    A critical vulnerability (CVE-2026-1281) in Ivanti's EPMM platform is being actively exploited, with attackers implanting hidden, dormant backdoors that are difficult to detect. The exploitation campaign, linked to initial access brokers, has already compromised several high-profile organizations...

  • Zero-Day Attack Hits Gladinet File Sharing Software

    A zero-day vulnerability (CVE-2025-11371) in Gladinet's CentreStack and Triofox platforms allows unauthenticated attackers to access sensitive files via Local File Inclusion, with at least three organizations already targeted. Attackers exploit the LFI flaw to retrieve machine keys and chain it w...

  • Exploit in Default Cursor Setting Runs Malicious Code on Dev Machines

    A security flaw in the Cursor AI code editor allows attackers to execute malicious code silently because the Workspace Trust feature is disabled by default. Exploitation can lead to credential theft, file manipulation, and data exfiltration, especially risky given developers' elevated system privil...

  • Fortinet Firewalls Hacked: Critical Configs Stolen

    An automated campaign is exploiting an unknown vulnerability in Fortinet FortiGate firewalls' SSO functionality, creating unauthorized admin accounts and stealing configuration data within seconds. The attacks resemble a previous campaign exploiting a critical authentication bypass flaw (CVE-2025...
